repo-intake-and-plan

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill and its associated scripts do not contain any malicious patterns such as credential theft, unauthorized network access, or persistence mechanisms.
  • [DATA_EXFILTRATION]: The skill's functionality is limited to reading repository structure and README content within a user-specified directory. It does not include any network-capable modules or instructions to exfiltrate data to external servers.
  • [COMMAND_EXECUTION]: Analysis of the Python scripts scripts/extract_commands.py and scripts/scan_repo.py shows they are limited to text parsing and file system checks. They do not utilize any dynamic execution functions like subprocess, os.system, or eval.
  • [PROMPT_INJECTION]: The skill instructions establish clear boundaries, forbidding the execution of commands found during the intake process. This effectively mitigates the risk of indirect prompt injection from untrusted repository content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 05:58 AM
Security Audit — agent-trust-hub — repo-intake-and-plan